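/**
 * Run the validation process over every configured field.
 *
 * For each field in $this->_rules the raw value is read from the request
 * (POST parameters when $this->_type is 'POST', the generic parameter
 * accessor otherwise) and passed through the field's rule chain in order:
 *
 *  - ['filter', name, ...args]
 *        value = filter->run(value, ...args)
 *  - ['negation'|'assertion', name, ...args, message]
 *        result = validator->isValid(value, ...args)
 *
 * The first failing validator records its message through addMessage() and
 * ends the chain for that field. Only fields whose chain completed without a
 * failure are written to $this->_data, so a rejected value is never stored.
 *
 * NOTE(review): rule[1] selects the class that is instantiated. This assumes
 * $this->_rules is defined by application code - confirm it is never built
 * from request input.
 *
 * @return void
 */
public function validate()
{
    // Iterate by value: the original iterated by reference and then called
    // array_pop() on the rule, which permanently stripped the message from
    // $this->_rules after the first failure and left dangling references.
    foreach ($this->_rules as $fieldName => $rules) {
        $isValid = true;
        $value = $this->_type == 'POST'
            ? \Request::getPostParam($fieldName)
            : \Request::getParam($fieldName);

        foreach ($rules as $rule) {
            $ruleSize = sizeof($rule);

            // A rule needs at least a kind and a class name.
            if ($ruleSize < 2) {
                continue;
            }

            $kind = $rule[0];

            // Filtering/casting: the filter's return value replaces the field value.
            if ($kind === 'filter') {
                $filterNS = '\\common\\filters\\' . $rule[1];
                $filter = \App::getInstance($filterNS);

                if ($ruleSize > 2) {
                    // Extra rule items are forwarded as arguments after the value.
                    $args = array_slice($rule, 2);
                    array_unshift($args, $value);
                    $ref = new \ReflectionMethod($filterNS, 'run');
                    $value = $ref->invokeArgs($filter, $args);
                } else {
                    $value = $filter->run($value);
                }

                continue;
            }

            // Unknown kinds are skipped rather than treated as failures.
            if ($kind !== 'negation' && $kind !== 'assertion') {
                continue;
            }

            $validatorNS = '\\common\\validators\\' . $rule[1];
            $validator = \App::getInstance($validatorNS);

            if ($ruleSize > 3) {
                // Items between the class name and the trailing message are arguments.
                $args = array_slice($rule, 2, -1);
                array_unshift($args, $value);
                $ref = new \ReflectionMethod($validatorNS, 'isValid');
                $isValid = $ref->invokeArgs($validator, $args);
            } else {
                $isValid = $validator->isValid($value);
            }

            // NOTE(review): the result is inverted for 'assertion' rules, not for
            // 'negation' rules. Kept exactly as in the original - confirm it matches
            // the convention the validators' isValid() follows.
            if ($kind === 'assertion') {
                $isValid = !$isValid;
            }

            if (!$isValid) {
                // The message is the last item of the rule; read it without
                // modifying the rule so validate() can be run again.
                $this->addMessage($fieldName, end($rule));
                break;
            }
        }

        // Store the sanitized value only when every validator accepted it.
        if ($isValid) {
            $this->_data->{$fieldName} = $value;
        }
    }
}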
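/**
 * Authenticate the posted credentials and print an XML reply.
 *
 * Reads "username" and "password" from the POST parameters, looks the user up
 * and, on success, starts a fresh session holding the login status, username
 * and role. The reply body carries a status value (200 logged in, 402 account
 * blocked, 403 bad credentials, 500 session error) and an HTML-formatted
 * message.
 *
 * Security review notes:
 *  - Credential checks fail closed: a value that is not a string is rejected
 *    instead of skipping the length check and reaching the database lookup.
 *  - The session id is regenerated after login to prevent session fixation.
 *  - Password hashing and the SQL statement are flagged inline, not changed.
 *
 * @return void
 */
public function login()
{
    $status = 0;
    $message = "";
    $filter = Filter::getInstance();
    $username = Request::getPostParam("username");
    $password = Request::getPostParam("password");

    // The original ran the length check only when Filter::isString() accepted
    // the value, so an array or other non-string parameter skipped validation
    // entirely and went on to sha1() and the query. Reject such input up front.
    // NOTE(review): assumes Filter::isString() returns a truthy value for
    // acceptable strings - confirm against the Filter class.
    foreach (array($username, $password) as $credential) {
        if (!is_string($credential) || !$filter->isString($credential) || strlen($credential) < 6) {
            $status = 403;
            $message = "<strong>Error:</strong> Combinación incorrecta de usuario y contraseña";
            break;
        }
    }

    if ($status != 403) {
        $db = DataBase::getInstance();

        // NOTE(review): SHA-1 is a fast, unsalted digest and is not suitable for
        // password storage. Moving to password_hash()/password_verify() needs a
        // migration of the stored hashes, so it is flagged here rather than changed.
        $passSHA1 = sha1($password);

        // NOTE(review): the literal below is reproduced exactly as it appears in
        // the listing, where the compared values are masked with asterisks. If the
        // real statement splices $username and $passSHA1 into the SQL text it is
        // injectable; bind both values as parameters through whatever
        // prepared-statement support the DataBase wrapper offers (not visible here).
        $query = "SELECT * FROM User WHERE username='******' AND password='******' ";
        $db->query($query);
        $rows = $db->numRows();

        if ($rows == 0) {
            $status = 403;
            $message = "<strong>Error:</strong> Combinación incorrecta de usuario y contraseña";
        } else {
            $user = $db->fetchObject();

            if (intval($user->isBlocked) == 1) {
                $status = 402;
                $message = "<strong>Error:</strong> Usuario bloqueado, contacte con su administrador";
            } else {
                $status = 200;

                try {
                    // Best effort, as in the original: warnings from a missing or
                    // already-started session are suppressed.
                    @session_destroy();
                    @session_start();

                    // session_destroy() leaves the client's session cookie in place,
                    // so session_start() resumes under the same id. Issue a new id so
                    // an id planted before login cannot be reused afterwards.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }

                    Session::set("status", true, "login");
                    Session::set("username", $user->username, "login");
                    Session::set("role", $user->role, "login");
                } catch (Exception $ex) {
                    $status = 500;
                    $message = "<strong>Error:</strong> Error del servidor, inténtelo de nuevo más tarde.";
                }
            }
        }
    }

    header("Content-Type: text/xml", true);
    header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past

    // $status and $message only ever hold the constants assigned above, so
    // nothing request-controlled is written into the XML body.
    print "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n ";
    print "\t<reply>\n";
    print "\t\t<value>\n";
    print "\t\t\t{$status}\n";
    print "\t\t</value>\n";
    print "\t\t<message>\n";
    print "\t\t\t{$message}\n";
    print "\t\t</message>\n";
    print "\t</reply>\n";

    return;
}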
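/**
 * Action for the "/newcomment/" route.
 *
 * Reads the posted "form" array, stores a new comment for the given post and
 * redirects back to that post. A request without a usable post id falls back
 * to the index action; a request without comment text re-renders the post.
 *
 * NOTE(review): no anti-CSRF token check is visible in this action, and a
 * comment is saved without a user id when the client is not authorized -
 * confirm both are intended.
 * NOTE(review): the comment text is stored as submitted; the code that renders
 * it (not visible here) has to escape it for its output context.
 *
 * @param \Request $request
 *
 * @return Response
 */
public function newCommentAction(\Request $request)
{
    $form = $request->getPostParam('form');

    // "form" is request data and need not be an array of scalars (for example
    // form[id_post][]=1). Treat any other shape as a missing post id.
    if (!is_array($form) || empty($form['id_post']) || !is_scalar($form['id_post'])) {
        return $this->indexAction();
    }

    // Missing or non-scalar comment text: show the post again without saving.
    if (empty($form['comment']) || !is_scalar($form['comment'])) {
        $request->setGetParams(['id' => $form['id_post']]);

        return $this->showPostAction($request);
    }

    $comment = new \MyBlog\Entity\Comment();
    $comment->setOctrine($this->getService('octrine'));

    /** @var \Session $session */
    $session = $this->getService('session');
    if ($session->isClientAuthorized()) {
        $comment->setUserId($session->getUserId());
    }

    $comment->setPostId($form['id_post']);
    $comment->setComment($form['comment']);
    $comment->save();

    // The post id comes from the request; encode it so a crafted value cannot
    // append extra query parameters or control characters to the redirect
    // target. A plain numeric id yields the same URL as before.
    $response = new Response();
    $response->setRedirectUrl('/post/?id=' . rawurlencode((string) $comment->getPostId()));

    return $response;
}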